Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5687

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2012-5687
Last Modified 24 Nov 2013 11:29:22
Published 01 Nov 2012 06:44:47
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5687

Summary

Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI.

Vulnerable Systems

Operating System

  • Tp-link Tl-wr841n Firmware 3.13.9


References

BUGTRAQ - 20121031 [BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE]

XF - tplink-url-file-include(79662)

MISC - http://packetstormsecurity.org/files/117749/TP-LINK-TL-WR841N-Local-File-Inclusion.html


Last Updated: 27 May 2016 10:47:18